From 5207e111e112cee233911873c21323d43db92bd5 Mon Sep 17 00:00:00 2001
From: "kapper.net support account" <support@kapper.net>
Date: Sun, 2 Aug 2020 00:19:28 +0200
Subject: [PATCH 1/8] initial kapper.net DNS API support

hopefully this time we get it right ;)

Co-Authored-By: Harald Kapper <hknet@users.noreply.github.com>
---
 dnsapi/dns_kappernet.sh | 141 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 141 insertions(+)
 create mode 100644 dnsapi/dns_kappernet.sh

diff --git a/dnsapi/dns_kappernet.sh b/dnsapi/dns_kappernet.sh
new file mode 100644
index 00000000..71dae73d
--- /dev/null
+++ b/dnsapi/dns_kappernet.sh
@@ -0,0 +1,141 @@
+#!/usr/bin/env sh
+
+# kapper.net domain api
+# for further questions please contact: support@kapper.net
+
+#KAPPERNETDNS_Key="yourKAPPERNETapikey"
+#KAPPERNETDNS_Secret="yourKAPPERNETapisecret" 
+
+KAPPERNETDNS_Api="https://dnspanel.kapper.net/API/1.1?APIKey=$KAPPERNETDNS_Key&APISecret=$KAPPERNETDNS_Secret"
+
+###############################################################################
+# called with 
+# fullhostname: something.example.com
+# txtvalue:     someacmegenerated string
+dns_kappernet_add() {
+  fullhostname=$1
+  txtvalue=$2
+
+  if [ -z "$KAPPERNETDNS_Key" ] || [ -z "$KAPPERNETDNS_Secret" ]; then
+    KAPPERNETDNS_Key=""
+    KAPPERNETDNS_Secret=""
+    _err "You haven't defined kapper.net api key and secret yet."
+    _err "Please send us mail to support@kapper.net get your key and secret."
+    return 1
+  fi
+
+  #store the api key and email to the account conf file.
+  _saveaccountconf KAPPERNETDNS_Key "$KAPPERNETDNS_Key"
+  _saveaccountconf KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
+  _debug "Checking Domain ..."
+  if ! _get_root "$fullhostname"; then
+    _err "invalid domain"
+    return 1
+  fi
+  _debug _sub_domain "SUBDOMAIN: $_sub_domain"
+  _debug _domain "DOMAIN: $_domain"
+
+  _info "Trying to add TXT DNS Record"
+  data="%7B%22name%22%3A%22$fullhostname%22%2C%22type%22%3A%22TXT%22%2C%22content%22%3A%22$txtvalue%22%2C%22ttl%22%3A%223600%22%2C%22prio%22%3A%22%22%7D"
+  if _kappernet_api GET "action=new&subject=$_domain&data=$data"; then
+
+    if _contains "$response" "{\"OK\":true"; then
+      _info "Waiting 120 seconds for DNS to spread the new record"
+      _sleep 120
+      return 0
+    else
+      _err "Error creating a TXT DNS Record: $fullhostname TXT $txtvalue"
+      _err "Error Message: $response"
+      return 1
+    fi
+  fi
+  _err "Failed creating TXT Record"
+}
+
+###############################################################################
+# called with
+# fullhostname: something.example.com
+dns_kappernet_rm() {
+  fullhostname=$1
+  txtvalue=$2
+
+  if [ -z "$KAPPERNETDNS_Key" ] || [ -z "$KAPPERNETDNS_Secret" ]; then
+    KAPPERNETDNS_Key=""
+    KAPPERNETDNS_Secret=""
+    _err "You haven't defined kapper.net api key and secret yet."
+    _err "Please send us mail to get your key and secret."
+    return 1
+  fi
+
+  #store the api key and email to the account conf file.
+  _saveaccountconf KAPPERNETDNS_Key "$KAPPERNETDNS_Key"
+  _saveaccountconf KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
+
+  _info "Trying to remove the TXT Record: $fullhostname"
+
+  if _kappernet_api GET "action=del&subject=$fullhostname"; then
+    if _contains "$response" "{\"OK\":true"; then
+      return 0
+    else
+      _err "Error deleting DNS Record: $fullhostname"
+      _err "Problem: $response"
+      return 1
+    fi
+  fi
+  _err "Problem creating TXT DNS record"
+}
+
+####################  Private functions below ##################################
+# called with hostname
+# e.g._acme-challenge.www.domain.com returns
+# _sub_domain=_acme-challenge.www 
+# _domain=domain.com
+_get_root() {
+  domain=$1
+  i=2
+  p=1
+  while true; do
+    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
+    if [ -z "$h" ]; then
+      #not valid
+      return 1
+    fi
+    if ! _kappernet_api GET "action=list&subject=$h"; then
+      return 1
+    fi
+    if _contains "$response" '"OK":false'; then
+      _debug "$h not found"
+    else
+      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
+      _domain="$h"
+      return 0
+    fi
+    p="$i"
+    i=$(_math "$i" + 1)
+  done
+  return 1
+}
+
+################################################################################
+# calls the kapper.net DNS Panel API
+# with 
+# method
+# param
+_kappernet_api() {
+  method=$1
+  param="$2"
+
+  _debug param "PARAMETER=$param"
+  url="$KAPPERNETDNS_Api&$param"
+  _debug url "URL=$url"
+
+  if [ "$method" = "GET" ]; then
+    response="$(_get "$url")"
+  else
+    _err "Unsupported method"
+    return 1
+  fi
+
+  _debug2 response "$response"
+  return 0
+}

From 494a1603e4a49cc894ac9a9a239e1fc29dc99fd1 Mon Sep 17 00:00:00 2001
From: "kapper.net support account" <support@kapper.net>
Date: Sun, 2 Aug 2020 01:41:26 +0200
Subject: [PATCH 2/8] Update dns_kappernet.sh

add issue-link in sourcecode

Co-Authored-By: Harald Kapper <hknet@users.noreply.github.com>
---
 dnsapi/dns_kappernet.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/dnsapi/dns_kappernet.sh b/dnsapi/dns_kappernet.sh
index 71dae73d..75450549 100644
--- a/dnsapi/dns_kappernet.sh
+++ b/dnsapi/dns_kappernet.sh
@@ -2,6 +2,7 @@
 
 # kapper.net domain api
 # for further questions please contact: support@kapper.net
+# please report issues here: https://github.com/acmesh-official/acme.sh/issues/2977
 
 #KAPPERNETDNS_Key="yourKAPPERNETapikey"
 #KAPPERNETDNS_Secret="yourKAPPERNETapisecret" 

From 2ba6a85eca0ab2aa1fe869f37639d87a9d22eb28 Mon Sep 17 00:00:00 2001
From: "kapper.net support account" <support@kapper.net>
Date: Sun, 2 Aug 2020 15:59:46 +0200
Subject: [PATCH 3/8] fix multiple txt-records delete + API update

new API version
fix to delete specific TXT records for wildcard-certs with LE

Co-Authored-By: Harald Kapper <hknet@users.noreply.github.com>
---
 dnsapi/dns_kappernet.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/dnsapi/dns_kappernet.sh b/dnsapi/dns_kappernet.sh
index 75450549..a059447a 100644
--- a/dnsapi/dns_kappernet.sh
+++ b/dnsapi/dns_kappernet.sh
@@ -7,7 +7,7 @@
 #KAPPERNETDNS_Key="yourKAPPERNETapikey"
 #KAPPERNETDNS_Secret="yourKAPPERNETapisecret" 
 
-KAPPERNETDNS_Api="https://dnspanel.kapper.net/API/1.1?APIKey=$KAPPERNETDNS_Key&APISecret=$KAPPERNETDNS_Secret"
+KAPPERNETDNS_Api="https://dnspanel.kapper.net/API/1.2?APIKey=$KAPPERNETDNS_Key&APISecret=$KAPPERNETDNS_Secret"
 
 ###############################################################################
 # called with 
@@ -73,8 +73,8 @@ dns_kappernet_rm() {
   _saveaccountconf KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
 
   _info "Trying to remove the TXT Record: $fullhostname"
-
-  if _kappernet_api GET "action=del&subject=$fullhostname"; then
+  data="%7B%22name%22%3A%22$fullhostname%22%2C%22type%22%3A%22TXT%22%2C%22content%22%3A%22$txtvalue%22%2C%22ttl%22%3A%223600%22%2C%22prio%22%3A%22%22%7D"
+  if _kappernet_api GET "action=del&subject=$fullhostname&data=$data"; then
     if _contains "$response" "{\"OK\":true"; then
       return 0
     else

From f1318636428eefaa0472f28902d2fd19a832a0c4 Mon Sep 17 00:00:00 2001
From: "kapper.net support account" <support@kapper.net>
Date: Wed, 12 Aug 2020 23:48:11 +0200
Subject: [PATCH 4/8] now with "_saveaccountconf_mutable"

_saveaccountconf_mutable instead of _saveaccountconf now used.

Co-Authored-By: kapper.net support account <33451837+kappernet@users.noreply.github.com>
---
 dnsapi/dns_kappernet.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/dnsapi/dns_kappernet.sh b/dnsapi/dns_kappernet.sh
index a059447a..70a3ea23 100644
--- a/dnsapi/dns_kappernet.sh
+++ b/dnsapi/dns_kappernet.sh
@@ -26,8 +26,8 @@ dns_kappernet_add() {
   fi
 
   #store the api key and email to the account conf file.
-  _saveaccountconf KAPPERNETDNS_Key "$KAPPERNETDNS_Key"
-  _saveaccountconf KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
+  _saveaccountconf_mutable KAPPERNETDNS_Key "$KAPPERNETDNS_Key"
+  _saveaccountconf_mutable KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
   _debug "Checking Domain ..."
   if ! _get_root "$fullhostname"; then
     _err "invalid domain"
@@ -69,8 +69,8 @@ dns_kappernet_rm() {
   fi
 
   #store the api key and email to the account conf file.
-  _saveaccountconf KAPPERNETDNS_Key "$KAPPERNETDNS_Key"
-  _saveaccountconf KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
+  _saveaccountconf_mutable KAPPERNETDNS_Key "$KAPPERNETDNS_Key"
+  _saveaccountconf_mutable KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
 
   _info "Trying to remove the TXT Record: $fullhostname"
   data="%7B%22name%22%3A%22$fullhostname%22%2C%22type%22%3A%22TXT%22%2C%22content%22%3A%22$txtvalue%22%2C%22ttl%22%3A%223600%22%2C%22prio%22%3A%22%22%7D"

From 0052ab7148a930183e39db4192ec250a3b84bfc0 Mon Sep 17 00:00:00 2001
From: "kapper.net support account" <support@kapper.net>
Date: Thu, 13 Aug 2020 00:23:57 +0200
Subject: [PATCH 5/8] more mutable + style-update

more mutable config-read-calls
more details for TXT records info + errors;
typo fixed (create instead of delete)
---
 dnsapi/dns_kappernet.sh | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/dnsapi/dns_kappernet.sh b/dnsapi/dns_kappernet.sh
index 70a3ea23..47a871c1 100644
--- a/dnsapi/dns_kappernet.sh
+++ b/dnsapi/dns_kappernet.sh
@@ -17,11 +17,15 @@ dns_kappernet_add() {
   fullhostname=$1
   txtvalue=$2
 
+  KAPPERNETDNS_Key="${KAPPERNETDNS_Key:-$(_readaccountconf_mutable KAPPERNETDNS_Key)}"
+  KAPPERNETDNS_Secret="${KAPPERNETDNS_Secret:-$(_readaccountconf_mutable KAPPERNETDNS_Secret)}"
+
   if [ -z "$KAPPERNETDNS_Key" ] || [ -z "$KAPPERNETDNS_Secret" ]; then
     KAPPERNETDNS_Key=""
     KAPPERNETDNS_Secret=""
-    _err "You haven't defined kapper.net api key and secret yet."
-    _err "Please send us mail to support@kapper.net get your key and secret."
+    _err "Please specify your kapper.net api key and secret."
+    _err "If you have not received yours - send your mail to"
+	_err "support@kapper.net to get  your key and secret."
     return 1
   fi
 
@@ -60,11 +64,15 @@ dns_kappernet_rm() {
   fullhostname=$1
   txtvalue=$2
 
+  KAPPERNETDNS_Key="${KAPPERNETDNS_Key:-$(_readaccountconf_mutable KAPPERNETDNS_Key)}"
+  KAPPERNETDNS_Secret="${KAPPERNETDNS_Secret:-$(_readaccountconf_mutable KAPPERNETDNS_Secret)}"
+
   if [ -z "$KAPPERNETDNS_Key" ] || [ -z "$KAPPERNETDNS_Secret" ]; then
     KAPPERNETDNS_Key=""
     KAPPERNETDNS_Secret=""
-    _err "You haven't defined kapper.net api key and secret yet."
-    _err "Please send us mail to get your key and secret."
+    _err "Please specify your kapper.net api key and secret."
+    _err "If you have not received yours - send your mail to"
+	_err "support@kapper.net to get  your key and secret."
     return 1
   fi
 
@@ -72,18 +80,18 @@ dns_kappernet_rm() {
   _saveaccountconf_mutable KAPPERNETDNS_Key "$KAPPERNETDNS_Key"
   _saveaccountconf_mutable KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
 
-  _info "Trying to remove the TXT Record: $fullhostname"
+  _info "Trying to remove the TXT Record: $fullhostname containing $txtvalue"
   data="%7B%22name%22%3A%22$fullhostname%22%2C%22type%22%3A%22TXT%22%2C%22content%22%3A%22$txtvalue%22%2C%22ttl%22%3A%223600%22%2C%22prio%22%3A%22%22%7D"
   if _kappernet_api GET "action=del&subject=$fullhostname&data=$data"; then
     if _contains "$response" "{\"OK\":true"; then
       return 0
     else
-      _err "Error deleting DNS Record: $fullhostname"
+      _err "Error deleting DNS Record: $fullhostname containing $txtvalue"
       _err "Problem: $response"
       return 1
     fi
   fi
-  _err "Problem creating TXT DNS record"
+  _err "Problem deleting TXT DNS record"
 }
 
 ####################  Private functions below ##################################

From 0415c050a5dbce75ed8bf89abb9ef2d361a1e589 Mon Sep 17 00:00:00 2001
From: neil <win10@neilpang.com>
Date: Thu, 13 Aug 2020 23:04:19 +0800
Subject: [PATCH 6/8] remove gitads

---
 README.md | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/README.md b/README.md
index f5631475..e50489dc 100644
--- a/README.md
+++ b/README.md
@@ -8,10 +8,6 @@
 acme.sh is being sponsored by the following tool; please help to support us by taking a look and signing up to a free trial
 
 
-<a href="https://tracking.gitads.io/?repo=acme.sh"> <img src="https://images.gitads.io/acme.sh" alt="GitAds"/> </a>
-
-
-
 - An ACME protocol client written purely in Shell (Unix shell) language.
 - Full ACME protocol implementation.
 - Support ACME v1 and ACME v2

From a6d22e3b2215f85ca1f5cae7fa73adbc34697125 Mon Sep 17 00:00:00 2001
From: neil <win10@neilpang.com>
Date: Thu, 13 Aug 2020 23:12:30 +0800
Subject: [PATCH 7/8] 1. save the CA url anyway. 2. clear some code.

---
 acme.sh | 25 +++----------------------
 1 file changed, 3 insertions(+), 22 deletions(-)

diff --git a/acme.sh b/acme.sh
index 9505ae2c..406a158d 100755
--- a/acme.sh
+++ b/acme.sh
@@ -52,9 +52,6 @@ DEFAULT_DOMAIN_KEY_LENGTH=2048
 
 DEFAULT_OPENSSL_BIN="openssl"
 
-_OLD_CA_HOST="https://acme-v01.api.letsencrypt.org"
-_OLD_STAGE_CA_HOST="https://acme-staging.api.letsencrypt.org"
-
 VTYPE_HTTP="http-01"
 VTYPE_DNS="dns-01"
 VTYPE_ALPN="tls-alpn-01"
@@ -2595,11 +2592,6 @@ _initpath() {
     CA_HOME="$DEFAULT_CA_HOME"
   fi
 
-  if [ "$ACME_VERSION" = "2" ]; then
-    DEFAULT_CA="$CA_LETSENCRYPT_V2"
-    DEFAULT_STAGING_CA="$CA_LETSENCRYPT_V2_TEST"
-  fi
-
   if [ -z "$ACME_DIRECTORY" ]; then
     default_acme_server=$(_readaccountconf "DEFAULT_ACME_SERVER")
     _debug default_acme_server "$default_acme_server"
@@ -4088,12 +4080,9 @@ issue() {
     _cleardomainconf "Le_ChallengeAlias"
   fi
 
-  if [ "$ACME_DIRECTORY" != "$DEFAULT_CA" ]; then
-    Le_API="$ACME_DIRECTORY"
-    _savedomainconf "Le_API" "$Le_API"
-  else
-    _cleardomainconf Le_API
-  fi
+  Le_API="$ACME_DIRECTORY"
+  _savedomainconf "Le_API" "$Le_API"
+
   _info "Using CA: $ACME_DIRECTORY"
   if [ "$_alt_domains" = "$NO_VALUE" ]; then
     _alt_domains=""
@@ -4980,14 +4969,6 @@ renew() {
   fi
 
   if [ "$Le_API" ]; then
-    if [ "$_OLD_CA_HOST" = "$Le_API" ]; then
-      export Le_API="$DEFAULT_CA"
-      _savedomainconf Le_API "$Le_API"
-    fi
-    if [ "$_OLD_STAGE_CA_HOST" = "$Le_API" ]; then
-      export Le_API="$DEFAULT_STAGING_CA"
-      _savedomainconf Le_API "$Le_API"
-    fi
     export ACME_DIRECTORY="$Le_API"
     #reload ca configs
     ACCOUNT_KEY_PATH=""

From b3a801df110d75886e15e8f6f10e8b1c77b0301a Mon Sep 17 00:00:00 2001
From: neil <win10@neilpang.com>
Date: Sat, 15 Aug 2020 10:33:24 +0800
Subject: [PATCH 8/8] fix test endpoint

---
 acme.sh | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/acme.sh b/acme.sh
index 406a158d..a7e6d7ef 100755
--- a/acme.sh
+++ b/acme.sh
@@ -2593,16 +2593,16 @@ _initpath() {
   fi
 
   if [ -z "$ACME_DIRECTORY" ]; then
-    default_acme_server=$(_readaccountconf "DEFAULT_ACME_SERVER")
-    _debug default_acme_server "$default_acme_server"
-    if [ "$default_acme_server" ]; then
-      ACME_DIRECTORY="$default_acme_server"
+    if [ "$STAGE" ]; then
+      ACME_DIRECTORY="$DEFAULT_STAGING_CA"
+      _info "Using stage ACME_DIRECTORY: $ACME_DIRECTORY"
     else
-      if [ -z "$STAGE" ]; then
-        ACME_DIRECTORY="$DEFAULT_CA"
+      default_acme_server=$(_readaccountconf "DEFAULT_ACME_SERVER")
+      _debug default_acme_server "$default_acme_server"
+      if [ "$default_acme_server" ]; then
+        ACME_DIRECTORY="$default_acme_server"
       else
-        ACME_DIRECTORY="$DEFAULT_STAGING_CA"
-        _info "Using stage ACME_DIRECTORY: $ACME_DIRECTORY"
+        ACME_DIRECTORY="$DEFAULT_CA"
       fi
     fi
   fi